VYPR Vendor CVEs: Mozilla Corporation

All CVEs: 3,627 total · sorted by risk
  • CVE-2016-2813 · Med · Apr 30, 2016
    risk 0.42 · cvss 6.5 · epss 0.01

    Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a…

  • CVE-2016-1967 · Med · Mar 13, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and…

  • CVE-2016-1956 · Med · Mar 13, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.

  • CVE-2016-1523 · Med · Feb 13, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL…

  • CVE-2016-1938 · Med · Jan 31, 2016
    risk 0.42 · cvss 6.5 · epss 0.03

    The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging…

  • CVE-2016-1933 · Med · Jan 31, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.

  • CVE-2015-8511 · Med · Jan 9, 2016
    risk 0.42 · cvss 6.4 · epss 0.00

    Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.

  • CVE-2005-0587 · Med · Mar 25, 2005
    risk 0.42 · cvss 6.5 · epss 0.01

    Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

  • CVE-2026-6762 · Med · Apr 21, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6757 · Med · Apr 21, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2025-3522 · Med · Apr 15, 2025
    risk 0.41 · cvss 6.3 · epss 0.00

    Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the…

  • CVE-2025-2830 · Med · Apr 15, 2025
    risk 0.41 · cvss 6.3 · epss 0.00

    By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive…

  • CVE-2019-11738 · Med · Sep 27, 2019
    risk 0.41 · cvss 6.3 · epss 0.01

    If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This…

  • CVE-2016-2837 · Med · Aug 5, 2016
    risk 0.41 · cvss 6.3 · epss 0.05

    Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and…

  • CVE-2016-1975 · Med · Mar 13, 2016
    risk 0.41 · cvss 6.3 · epss 0.01

    Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown…

  • CVE-2025-13013 · Med · Nov 11, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Mitigation bypass in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.

  • CVE-2025-11712 · Med · Oct 14, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header.…

  • CVE-2025-10536 · Med · Sep 16, 2025
    risk 0.40 · cvss 6.2 · epss 0.00

    Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-55033 · Med · Aug 19, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks. This vulnerability was fixed in Focus for iOS 142.

  • CVE-2025-55032 · Med · Aug 19, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks. This vulnerability was fixed in Focus for iOS 142.

  • CVE-2025-55030 · Med · Aug 19, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.

  • CVE-2025-6430 · Med · Jun 24, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed…

  • CVE-2025-3859 · Med · Apr 30, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage. This vulnerability was fixed in Focus 138.

  • CVE-2024-0953 · Med · Feb 5, 2024
    risk 0.40 · cvss 6.1 · epss 0.00

    When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS < 129.

  • CVE-2023-6867 · Med · Dec 19, 2023
    risk 0.40 · cvss 6.1 · epss 0.01

    The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to…

  • CVE-2023-49061 · Med · Nov 21, 2023
    risk 0.40 · cvss 6.1 · epss 0.00

    An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information. This vulnerability affects Firefox for iOS < 120.

  • CVE-2023-5758 · Med · Oct 25, 2023
    risk 0.40 · cvss 6.1 · epss 0.00

    When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.

  • CVE-2023-42808 · Med · Oct 4, 2023
    risk 0.40 · cvss 6.1 · epss 0.00

    Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data…

  • CVE-2023-34415 · Med · Jun 19, 2023
    risk 0.40 · cvss 6.1 · epss 0.00

    When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in the same process as the site that issued the redirect. This bypassed the site-isolation protections against Spectre-like attacks on…

  • CVE-2023-29540 · Med · Jun 2, 2023
    risk 0.40 · cvss 6.1 · epss 0.00

    Using a redirect embedded into sourceMappingUrls could allow for navigation to external protocol links in sandboxed iframes without allow-top-navigation-to-custom-protocols. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus…

  • CVE-2019-17003 · Med · Feb 16, 2023
    risk 0.40 · cvss 6.1 · epss 0.00

    Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.

  • CVE-2022-45418 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.01

    If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

  • CVE-2022-45413 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.00

    Using the S.browser_fallback_url parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects…

  • CVE-2022-45411 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on…

  • CVE-2022-40956 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.01

    When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

  • CVE-2022-36316 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.00

    When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.

  • CVE-2022-34475 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.00

    SVG <use> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to…

  • CVE-2022-34474 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.00

    Even when an iframe was sandboxed with allow-top-navigation-by-user-activation, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102.

  • CVE-2022-34473 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.00

    The HTML Sanitizer should have sanitized the href attribute of SVG <use> tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox < 102.

  • CVE-2022-29912 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.01

    Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

  • CVE-2022-29911 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.01

    An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

  • CVE-2022-29910 · Med · Dec 22, 2022
    risk 0.40 · cvss 6.1 · epss 0.00

    When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 100.

  • CVE-2021-43544 · Med · Dec 8, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other…

  • CVE-2021-43543 · Med · Dec 8, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

  • CVE-2021-43532 · Med · Dec 8, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one…

  • CVE-2021-43530 · Med · Dec 8, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94.

  • CVE-2021-29979 · Med · Aug 2, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    Hubs Cloud allows users to download shared content, specifically HTML and JS, which could allow javascript execution in the Hub Cloud instance's primary hosting domain. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210618012634.

  • CVE-2021-29953 · Med · Jun 24, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. *Note: This issue only affected Firefox for Android. Other operating…

  • CVE-2021-29944 · Med · Jun 24, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This…

  • CVE-2011-3656 · Med · Jun 2, 2021
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7 allows remote attackers to inject arbitrary web script or HTML via vectors involving HTTP 0.9 errors, non-default ports, and content-sniffing.

Page 30 of 73